Insight
This hub aggregates every CVE we track for Insight, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
18
CVEs tracked
2
Critical
11
High
0
In CISA KEV
Severity distribution
HIGH11MEDIUM4CRITICAL2LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Insight.
- CVE-2023-45892An issue discovered in the Order and Invoice pages in Floorsight Insights Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information.7.5
- CVE-2023-28350An issue was discovered in Faronics Insight 10.0.19045 on Windows. Attacker-supplied input is not validated/sanitized before being rendered in both the Teacher and Student Console applications, ena...6.1
- CVE-2023-28353An issue was discovered in Faronics Insight 10.0.19045 on Windows. An unauthenticated attacker is able to upload any type of file to any location on the Teacher Console's computer, enabling a varie...8.8
- CVE-2023-28344An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application allows unauthenticated attackers to view constantly updated screenshots of student desktop...7.1
- CVE-2023-28352An issue was discovered in Faronics Insight 10.0.19045 on Windows. By abusing the Insight UDP broadcast discovery system, an attacker-controlled artificial Student Console can connect to and attack...7.4
- CVE-2023-28347An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker to create a proof-of-concept script that functions similarly to a Student Console, providing unauth...9.6
- CVE-2023-28349An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker to create a crafted program that functions similarly to the Teacher Console. This can compel Studen...8.8
- CVE-2023-28346An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for a remote attacker to communicate with the private API endpoints exposed at /login, /consoleSettings, /console, ...7.3
- CVE-2023-28345An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application exposes the teacher's Console password in cleartext via an API endpoint accessible from lo...4.6
- CVE-2023-28348An issue was discovered in Faronics Insight 10.0.19045 on Windows. A suitably positioned attacker could perform a man-in-the-middle attack on either a connected student or teacher, enabling them to...7.4
- CVE-2023-28351An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any user on a computer with the Student application installed is logged to a world-readable directory. A l...3.3
- CVE-2017-18857The NETGEAR Insight application before 2.42 for Android and iOS is affected by password mismanagement.9.8
- CVE-2019-12591NETGEAR Insight Cloud with firmware before Insight 5.6 allows remote authenticated users to achieve command injection.6.8
- CVE-2019-6507An issue was discovered in creditease-sec insight through 2018-09-11. login_user_delete in srcpm/app/admin/views.py allows CSRF.8.8
- CVE-2019-6510An issue was discovered in creditease-sec insight through 2018-09-11. user_delete in srcpm/app/admin/views.py allows CSRF.8.8
Product normalization is registry-driven with AI assist and human review. How it works